protect the admin user
@@ -50,6 +50,11 @@ public class AdminUsersREST extends AbstractREST {
|
||||
}
|
||||
} else {
|
||||
User user = userService.findById(id);
|
||||
if (StartupBean.ADMIN_NAME.equals(user.getName())
|
||||
&& !userModel.isEnabled()) {
|
||||
return Response.status(Status.FORBIDDEN)
|
||||
.entity("You cannot disable the admin user.").build();
|
||||
}
|
||||
user.setName(userModel.getName());
|
||||
if (StringUtils.isNotBlank(userModel.getPassword())) {
|
||||
user.setPassword(encryptionService.getEncryptedPassword(
|
||||
@@ -120,7 +125,8 @@ public class AdminUsersREST extends AbstractREST {
|
||||
return Response.status(Status.NOT_FOUND).build();
|
||||
}
|
||||
if (StartupBean.ADMIN_NAME.equals(user.getName())) {
|
||||
return Response.status(Status.FORBIDDEN).build();
|
||||
return Response.status(Status.FORBIDDEN)
|
||||
.entity("You cannot delete the admin user.").build();
|
||||
}
|
||||
feedEntryStatusService.delete(feedEntryStatusService.findAll(user));
|
||||
feedSubscriptionService.delete(feedSubscriptionService.findAll(user));
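Review bot: The new disable guard on `StartupBean.ADMIN_NAME.equals(user.getName())` is followed directly by `user.setName(userModel.getName())`, so a request that renames the admin account while leaving it enabled passes the check. After that rename, neither this guard nor the delete guard in the second hunk matches the account any more. Both protections key on the mutable name, so I would also refuse a name change for that account, e.g. `if (StartupBean.ADMIN_NAME.equals(user.getName()) && !StartupBean.ADMIN_NAME.equals(userModel.getName())) return Response.status(Status.FORBIDDEN).entity("You cannot rename the admin user.").build();`, or key the checks on a stable id or role instead. As far as the first hunk shows, the result of `userService.findById(id)` is dereferenced without the not-found check that the delete path appears to have. The enclosing methods start and end outside both hunks.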
|
||||
|
||||
@@ -251,7 +251,7 @@ module.controller('FeedListCtrl', function($scope, $stateParams, $http, $route,
|
||||
});
|
||||
|
||||
module.controller('ManageUsersCtrl',
|
||||
function($scope, $state, AdminUsersService) {
|
||||
function($scope, $state, $location, AdminUsersService) {
|
||||
$scope.users = AdminUsersService.getAll();
|
||||
$scope.selection = [];
|
||||
$scope.gridOptions = {
|
||||
@@ -268,6 +268,9 @@ module.controller('ManageUsersCtrl',
|
||||
$scope.addUser = function() {
|
||||
$state.transitionTo('admin.useradd');
|
||||
};
|
||||
$scope.back = function() {
|
||||
$location.path('/');
|
||||
};
|
||||
});
|
||||
|
||||
module.controller('ManageUserCtrl', function($scope, $state, $stateParams,
|
||||
@@ -279,6 +282,12 @@ module.controller('ManageUserCtrl', function($scope, $state, $stateParams,
|
||||
$scope.closeAlert = function(index) {
|
||||
$scope.alerts.splice(index, 1);
|
||||
};
|
||||
var alertFunction = function(data) {
|
||||
$scope.alerts.push({
|
||||
msg : data.data,
|
||||
type: 'error'
|
||||
});
|
||||
};
|
||||
|
||||
$scope.cancel = function(){
|
||||
$state.transitionTo('admin.userlist');
|
||||
@@ -286,15 +295,11 @@ module.controller('ManageUserCtrl', function($scope, $state, $stateParams,
|
||||
$scope.save = function() {
|
||||
AdminUsersService.save($scope.user, function() {
|
||||
$state.transitionTo('admin.userlist');
|
||||
}, function(data) {
|
||||
$scope.alerts.push({
|
||||
msg : data.data
|
||||
});
|
||||
});
|
||||
}, alertFunction);
|
||||
};
|
||||
$scope.delete = function() {
|
||||
AdminUsersService.delete({id: $scope.user.id}, function() {
|
||||
$state.transitionTo('admin.userlist');
|
||||
});
|
||||
},alertFunction);
|
||||
};
|
||||
});
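Review bot: `alertFunction` uses `data.data` as the alert text, but the delete endpoint's not-found response in AdminUsersREST is built without an entity (`Response.status(Status.NOT_FOUND).build()`), so that failure would show an empty alert. A fallback such as `msg : data.data || ('Request failed with status ' + data.status)` keeps the error visible; this assumes the callback receives the HTTP response object, which the `data.data` access suggests. Because the text comes straight from the server response, the alert template (not shown here) should render it as plain text rather than HTML. The `ManageUserCtrl` controller starts outside these hunks.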
|
||||
@@ -6,6 +6,7 @@
|
||||
<div>
|
||||
<div class="button-bar">
|
||||
<button class="btn" ng-click="addUser()">Add user</button>
|
||||
<button class="btn" ng-click="back()">Back</button>
|
||||
</div>
|
||||
<div class="users-table" ng-grid="gridOptions"></div>
|
||||
</div>
|
||||
|
||||